ensl.org/app/controllers/custom_urls_controller.rb

class CustomUrlsController < ApplicationController
  def administrate
    raise AccessError unless cuser && cuser.admin?
    @custom_urls = CustomUrl.all
    @custom_url = CustomUrl.new
  end

  def create
    administrate

    @custom_url.name = params[:custom_url][:name]
    @custom_url.article_id = params[:custom_url][:article_id].to_i

    if @custom_url.save
      flash[:notice] = "Created URL with name #{@custom_url.name}"
      redirect_to custom_urls_url
    else
      flash[:error] = 'Error creating URL!'
      render :administrate
    end
  end

  def show
    custom_url = CustomUrl.find_by_name(params[:name])
    raise ActiveRecord::RecordNotFound unless custom_url
    @article = custom_url.article
    raise AccessError unless @article.can_show? cuser
    @article.read_by! cuser if cuser
    render 'articles/show'
  end

  def update
    raise AccessError unless request.xhr?
    response = {}
    if cuser && cuser.admin?
      url = CustomUrl.find(params[:id]) rescue nil

      if url
        url.article_id = params[:custom_url][:article_id]
        url.name= params[:custom_url][:name]
        if url.save
          response[:status] = 200
          response[:message] = 'Successfully updated!'
          resobj = {name: url.name, title: url.article.title}
          response[:obj] = resobj
        else
          response[:status] = 400
          message = 'Update failed! Errors:'
          url.errors.full_messages.each do |error|
            message += "\n * " + error
          end

          response[:message] = message
        end
      else
        response[:status] = 404
        response[:message] = 'Error! No Custom URL with this id exists.'
      end
    else
      response[:status] = 403
      response[:message] = 'You are not allowed to do this!'
    end

    render json: response, status: response[:status]
  end

  def destroy
    raise AccessError unless request.xhr?
    response = {}
    if cuser && cuser.admin?
      url = CustomUrl.destroy(params[:id])
      response[:status] = 200
      response[:message] = "Successfully deleted url with name: #{url.name}!"
    else
      response[:status] = 403
      response[:message] = 'You are not allowed to do this!'
    end

    render json: response, status: response[:status]
  end
end
Renaming because old unused stuff is getting in the way 2017-11-09 19:57:05 +00:00			`class CustomUrlsController < ApplicationController`
Create stubs for controller and model 2017-11-09 17:25:52 +00:00			`def administrate`
Fixing path to administrate view and added permission checks to controller 2017-11-10 11:12:03 +00:00			`raise AccessError unless cuser && cuser.admin?`
Implementing custom_url logic 2017-11-12 00:26:00 +00:00			`@custom_urls = CustomUrl.all`
			`@custom_url = CustomUrl.new`
Create stubs for controller and model 2017-11-09 17:25:52 +00:00			`end`

			`def create`
Implementing custom_url logic 2017-11-12 00:26:00 +00:00			`administrate`

			`@custom_url.name = params[:custom_url][:name]`
			`@custom_url.article_id = params[:custom_url][:article_id].to_i`

			`if @custom_url.save`
			`flash[:notice] = "Created URL with name #{@custom_url.name}"`
			`redirect_to custom_urls_url`
			`else`
			`flash[:error] = 'Error creating URL!'`
			`render :administrate`
			`end`
Create stubs for controller and model 2017-11-09 17:25:52 +00:00			`end`

			`def show`
Implemented #show 2017-11-10 09:42:35 +00:00			`custom_url = CustomUrl.find_by_name(params[:name])`
removed shoutmsg history removed compmod council group from staff page fixed some errors with missing database entries 2018-09-21 15:30:43 +00:00			`raise ActiveRecord::RecordNotFound unless custom_url`
Implemented #show 2017-11-10 09:42:35 +00:00			`@article = custom_url.article`
			`raise AccessError unless @article.can_show? cuser`
			`@article.read_by! cuser if cuser`
			`render 'articles/show'`
Create stubs for controller and model 2017-11-09 17:25:52 +00:00			`end`

			`def update`
Fixing path to administrate view and added permission checks to controller 2017-11-10 11:12:03 +00:00			`raise AccessError unless request.xhr?`
Implementing custom_url logic 2017-11-12 00:26:00 +00:00			`response = {}`
			`if cuser && cuser.admin?`
			`url = CustomUrl.find(params[:id]) rescue nil`

			`if url`
Fix updating of custom urls 2018-05-03 17:25:50 +00:00			`url.article_id = params[:custom_url][:article_id]`
			`url.name= params[:custom_url][:name]`
			`if url.save`
Implementing custom_url logic 2017-11-12 00:26:00 +00:00			`response[:status] = 200`
			`response[:message] = 'Successfully updated!'`
Fix updating of custom urls 2018-05-03 17:25:50 +00:00			`resobj = {name: url.name, title: url.article.title}`
			`response[:obj] = resobj`
Implementing custom_url logic 2017-11-12 00:26:00 +00:00			`else`
			`response[:status] = 400`
			`message = 'Update failed! Errors:'`
			`url.errors.full_messages.each do \|error\|`
			`message += "\n * " + error`
			`end`

			`response[:message] = message`
			`end`
			`else`
			`response[:status] = 404`
			`response[:message] = 'Error! No Custom URL with this id exists.'`
			`end`
			`else`
			`response[:status] = 403`
			`response[:message] = 'You are not allowed to do this!'`
			`end`

			`render json: response, status: response[:status]`
Create stubs for controller and model 2017-11-09 17:25:52 +00:00			`end`

			`def destroy`
Fixing path to administrate view and added permission checks to controller 2017-11-10 11:12:03 +00:00			`raise AccessError unless request.xhr?`
Implementing custom_url logic 2017-11-12 00:26:00 +00:00			`response = {}`
			`if cuser && cuser.admin?`
			`url = CustomUrl.destroy(params[:id])`
			`response[:status] = 200`
			`response[:message] = "Successfully deleted url with name: #{url.name}!"`
			`else`
			`response[:status] = 403`
			`response[:message] = 'You are not allowed to do this!'`
			`end`

			`render json: response, status: response[:status]`
Create stubs for controller and model 2017-11-09 17:25:52 +00:00			`end`
			`end`